1
0
mirror of git://git.gnupg.org/gnupg.git synced 2024-12-22 10:19:57 +01:00

8669 Commits

Author SHA1 Message Date
NIIBE Yutaka
50b320952e regexp: Fix generation of _unicode_mapping.c.
* configure.ac (AWK_HEX_NUMBER_OPTION): Detect GNU Awk.
* regexp/Makefile.am: Use AWK_HEX_NUMBER_OPTION.
* regexp/parse-unidata.awk: Don't use strtonum.

GnuPG-bug-id: 4915
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2020-04-15 14:10:08 +09:00
Werner Koch
6c28d9343e
sm: Support rsaPSS verification also for CMS signatures.
* sm/certcheck.c (gpgsm_check_cert_sig): Factor PSS parsing out to ...
(extract_pss_params): new.
(gpgsm_check_cms_signature): Implement PSS.
--

GnuPG-bug-id: 4538
2020-04-14 15:46:04 +02:00
Werner Koch
ba34f14153
dirmngr: Support rsaPSS also in the general validate module.
* dirmngr/validate.c (hash_algo_from_buffer): New.
(uint_from_buffer): New.
(check_cert_sig): Support rsaPSS.
* sm/certcheck.c (gpgsm_check_cert_sig): Fix small memory leak on
error.
--

Yes, I know that there is a lot of code duplication.  In fact some of
the code is ugly and it would be better if we enhance Libgcrypt to
guarantee that returned memory buffers via gcry_sexp_extract_param are
allways Nul terminated and we should also enhance that function to
directly extract into an unsigned int or char *.

GnuPG-bug-id: 4538
Signed-off-by: Werner Koch <wk@gnupg.org>
2020-04-09 13:05:55 +02:00
Werner Koch
b45ab0ca08
sm,dirmngr: Support rsaPSS signature verification.
* sm/certcheck.c (hash_algo_from_buffer): New.
(uint_from_buffer): New.
(gpgsm_check_cert_sig): Handle PSS.
* dirmngr/crlcache.c (hash_algo_from_buffer): New.
(uint_from_buffer): New.
(start_sig_check): Detect PSS and extract hash algo.  New arg to
return a PSS flag.
(finish_sig_check): New arg use_pss.  Extract PSS args and use them.
(crl_parse_insert): Pass use_pss flag along.
--

GnuPG-bug-id: 4538
Signed-off-by: Werner Koch <wk@gnupg.org>
2020-04-09 12:20:19 +02:00
Werner Koch
5d5b70ae0f
common: New function to map hash algo names.
* common/sexputil.c (hash_algo_to_string): New.
--

Libgcrypt expects lowercase names and it is cumbersome to downcase
those retrieved via gcry_md_algo_name.  It is easier and also faster
to use a dedicated map function.
2020-04-09 12:20:19 +02:00
Werner Koch
bfedc760ef
scd:p15: Return a display S/N via Assuan.
* scd/app-p15.c (make_pin_prompt): Factor some code out to ...
(get_dispserialno): this.
(do_getattr): Use new fucntion for a $DISPSERIALNO.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-04-09 12:20:18 +02:00
NIIBE Yutaka
fd79cadf7b gpg: ECDH: Accept longer padding.
* g10/pubkey-enc.c (get_it): Remove check which mandates shorter
padding.

--

According to the section 8 of RFC 6637, the sender MAY use 21 bytes of
padding for AES-128 to provide 40-byte "m".

Reported-by: Metin Savignano
GnuPG-bug-id: 4908
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2020-04-08 09:29:43 +09:00
Werner Koch
9ec8d984be
scd:p15: Show a pretty PIN prompt.
* scd/app-p15.c (struct prkdf_object_s): New fields common_name and
serial_number.
(release_prkdflist): Free them.
(keygrip_from_prkdf): Parse cert and set them.
(any_control_or_space): New.
(make_pin_prompt): New.
(verify_pin): Construct a pretty PIN prompt.
(do_sign): Remove debug output.
--

The D-Trust card has the SerialNumber part of the Subject printed on
the front matter, we assume this is also possible with other cards and
thus we show this as serial number.

The holder of the card is also extracted from the card's subject.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-04-07 20:38:15 +02:00
Werner Koch
f28795b615
scd: Return GPG_ERR_BAD_PIN on 0x63Cn status word.
* scd/iso7816.c (map_sw): Detect 0x63Cn status code.
--

I really wonder when that got lost and we ended up with a simple card
error.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-04-07 19:09:27 +02:00
Werner Koch
60d018f6a9
scd: Factor common PIN status check out.
* scd/iso7816.h (ISO7816_VERIFY_ERROR): New.
(ISO7816_VERIFY_NO_PIN): New.
(ISO7816_VERIFY_BLOCKED): New.
(ISO7816_VERIFY_NULLPIN): New.
(ISO7816_VERIFY_NOT_NEEDED): New.
* scd/iso7816.c (iso7816_verify_status): New.
* scd/app-nks.c (get_chv_status): Use new function.
* scd/app-piv.c (get_chv_status): Ditto.
(verify_chv): Ditto.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-04-07 18:26:00 +02:00
Werner Koch
5ec1f66793
doc: Typo fix in code comment.
--
2020-04-07 16:03:21 +02:00
Werner Koch
42ddcc87f4
scd:p15: Fix decrypt followed by sign problem for D-Trust cards.
* scd/iso7816.c (iso7816_select_mf): New.
* scd/app-p15.c (card_product_t): New.
(struct app_local_s): Add field 'card_product'.
(read_ef_tokeninfo): Detect D-Trust card.
(prepare_verify_pin): Switch to D-Trust AID.
(do_decipher): Restore a SE for D-TRust cards.  Chnage the passing
indicator to 0x81.
--

Using what I learned from a USB trace running the Governikus Signer
Software on Windows this fixes the left over problem with the new
D-Trust card support.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-04-07 16:03:11 +02:00
NIIBE Yutaka
7ee2a9687d tools: Use internal regexp routines.
* tools/gpg-check-pattern.c: Use jimregexp.h.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2020-04-06 09:38:13 +09:00
Werner Koch
aa60645b99
scd:p15: Emit MANUFACTURER, $ENCRKEYID, $SIGNKEYID.
* scd/app-p15.c (read_ef_tokeninfo): Store manufacturer_id.
(do_getattr): Implement MANUFACTURER, $ENCRKEYID and $SIGNKEYID.
(send_keypairinfo): Also print usage flags.
--

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-04-03 11:21:32 +02:00
Werner Koch
15352b0eac
gpg,card: Use the new MANUFACTURER attribute.
* tools/gpg-card.h (struct card_info_s): Add manufacturer fields.
* tools/card-call-scd.c (release_card_info): Release them.
(learn_status_cb): Parse MANUFACTURER attribute.
* tools/gpg-card.c (get_manufacturer): Remove.
(list_card): Use the new attribute.
* g10/call-agent.h (struct agent_card_info_s): Add manufacturer fields.
* g10/call-agent.c (agent_release_card_info): Release them.
(learn_status_cb): Parse MANUFACTURER attribute.
* g10/card-util.c (get_manufacturer): Remove.
(current_card_status): Use new attribute.
--

This does away with the duplicated OpenPGP vendor tables; they are now
at a better place (app-openpgp.c).

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-04-03 10:44:32 +02:00
Werner Koch
541a6a903e
scd:openpgp: New attribute "MANUFACTURER".
* scd/app-openpgp.c (get_manufacturer): New..
(do_getattr): Add new attribute "MANUFACTURER".
(do_learn_status): Always print it.
--

This will make it easy to maintain the list of OpenPGP vendors at just
one place.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-04-03 09:56:56 +02:00
NIIBE Yutaka
ba247a114c gpg: Add regular expression support.
* AUTHORS, COPYING.other: Update.
* Makefile.am (SUBDIRS): Add regexp sub directory.
* configure.ac (DISABLE_REGEX): Remove.
* g10/Makefile.am (needed_libs): Add libregexp.a.
* g10/trustdb.c: Remove DISABLE_REGEX support.
* regexp/LICENSE, regexp/jimregexp.c, regexp/jimregexp.h,
  regexp/utf8.c, regexp/utf8.h: New from Jim Tcl.
* regexp/UnicodeData.txt: New from Unicode.
* regexp/Makefile.am, regexp/parse-unidata.awk: New.
* tests/openpgp/Makefile.am: Remove DISABLE_REGEX support.
* tools/Makefile.am: Remove DISABLE_REGEX support.

GnuPG-bug-id: 4843
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2020-04-03 15:30:08 +09:00
Werner Koch
61c5b0767f
scd:p15: Implement do_with_keygrip and capabilities.
* scd/app-p15.c (prepare_verify_pin): Allow use without an AODF.
(verify_pin): Ditto.
(do_with_keygrip): Implement capability restrictions.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-04-02 14:23:26 +02:00
Werner Koch
8149742ddf
scd:p15: Rename some variables and functions for clarity.
* scd/app-p15.c: Rename keyinfo to prkdf.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-04-02 12:40:09 +02:00
Werner Koch
5b7b42e2b2
scd: Use Gcrypt usage constants for the do_with_keygrip capabilities.
* scd/command.c (cmd_keyinfo): Use Gcrypt constants for CAP.
* scd/app-openpgp.c (do_with_keygrip): Adjust for them.
* scd/app-piv.c (do_with_keygrip): Ditto.
--

That makes it easier to read.  An open question is whether we should
allow several capabilities and whether they are the ORed or ANDed.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-04-02 11:54:01 +02:00
NIIBE Yutaka
2ccbcfec12 scd: New command DEVINFO.
* scd/app.c (notify_cond): New condition variable.
(app_send_devinfo, app_wait): New.
(scd_update_reader_status_file): Kick NOTIFY_COND.
(initialize_module_command): Initialize NOTIFY_COND.
* scd/command.c (struct server_local_s):  Add watching_status.
(cmd_devinfo): New.
(register_commands): Add DEVINFO command.
(send_client_notifications): Write status change to DEVINFO channel.
* scd/scdaemon.h (app_wait, app_send_devinfo): New.

GnuPG-bug-id: 4864
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2020-04-02 15:39:26 +09:00
Werner Koch
29f8f52bf8
scd:p15: Cache the PIN.
* scd/app-p15.c (struct prkdf_object_s): Add flag pin_verified.
(verify_pin): Make use of it.
--

Theee is still a problem with the APDUs we send: Switching between
signing and decryption does work but not in the other way.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-04-01 20:31:21 +02:00
Werner Koch
132d82c158
scd:p15: Run a keygrip_from_prkdf before verify_pin
* scd/app-p15.c (do_sign): Move keygrip_from_prkdf before PIN
verification.
(do_decipher): Add keygrip_from_prkdf.
--

This is required because that function may change the current file
which is set by prepare_verify_pin right before MSE.  HAs alredy been
done on the backport to 2.2

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-04-01 17:49:14 +02:00
Werner Koch
ca4391399c
scd:p15: Support decryption with CardOS 5 cards.
* scd/app-p15.c (do_decipher): New.
--

tested using the D-TRUSt card and a SCR3310 reader.  The Kobil KAAN
Advanced, I used for the signing tests could not be used because it
supports only Short APDU Level exchange.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-04-01 14:07:56 +02:00
Werner Koch
375b145487
scd:p15: Factor PIN verification out to a new function.
* scd/app-p15.c (do_sign): Factor code out to ...
(prepare_verify_pin, verify_pin): new functions.
--

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-04-01 11:58:08 +02:00
Werner Koch
c7ff8c59b9
sm: Fix a warning in an es_fopencooie function.
* sm/certdump.c (format_name_writer): Take care of a flush request.
--

We won't see a flush here so that fix does not solve a real bug but we
want to be correct.  Note that this function seems to predate the
es_fopenmem function and thus in master (2.3) we should replace it
entirely.

GnuPG-bug-id: 4495
Signed-off-by: Werner Koch <wk@gnupg.org>
(cherry picked from 2.2 commit 8d0d61aca3d2713df8a33444af3658b859d72be8)
2020-04-01 09:58:11 +02:00
Werner Koch
103c1576b7
scd:p15: Support signing with CardOS 5 cards.
* scd/app-help.c (app_help_get_keygrip_string_pk): Add optional arg
r_pkey and change all callers.
(app_help_get_keygrip_string): Ditto.
* scd/app-p15.c (struct cdf_object_s): Use bit flags
(struct aodf_object_s): Ditto.  Add field 'fid'.
(struct prkdf_object_s): Ditto.  Add fields keygrip, keyalgo, and
keynbits.
(parse_certid): Allow a keygrip instead of a certid aka keyref.
(read_ef_aodf): Store the FID.
(keygripstr_from_prkdf): Rename to ...
(keygrip_from_prkdf): this.  Remove arg r_gripstr and implement cache.
Change callers to directly use the values from the object.  Also store
the algo and length of the key ion the object.
(keyref_from_keyinfo): New. Factored out code.
(do_sign): Support SHA-256 and >2048 bit RSA keys.
(do_with_keygrip): New.
(app_select_p15): Register new function.
--

This has been tested with a D-Trust card featuring 3072 bit keys.
Note that non-repudiation key for a qualified signature does not yet
work because we do not yet support rsaPSS padding.  Thus a gpgsm
--learn shows a couple of Bad Signature errors for this key.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-03-31 19:55:15 +02:00
Werner Koch
2bdd4fc7b6
scd:p15: Read certificates in extended mode.
* scd/app-p15.c (readcert_by_cdf): Allow reading in extended mode.
--

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-03-31 11:57:19 +02:00
Werner Koch
c9ad81070a
scd: Add function for binary read in extended mode.
* scd/iso7816.c (iso7816_read_binary): Factor code out to ...
(iso7816_read_binary_ext): new function.  Add arg extended_mode.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-03-31 11:53:36 +02:00
Werner Koch
c29603fa9a
scd:p15: Improve diagnostics
--

This removes almost all log_debug calls and uses opt.verbose and
log_info to show card information.  Also avoid too long and thus
harder to read lines.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-03-31 11:20:59 +02:00
Werner Koch
8a68d497f1
scd:p15: Detect CardOS 5 cards and print some basic infos.
* scd/app-p15.c (read_ef_odf): Detect the home_DF on the fly.  Silence
the garbage warning for null bytes.
(print_tokeninfo_tokenflags): New.
(read_ef_tokeninfo): Print manufacturer, label, and flags.
(app_select_p15): No need to use the app_get_slot macro.
(CARD_TYPE_CARDOS_50): New const.
(card_atr_list): Detect CardOS 5.0
--

The card under test is a "Test-Signaturkarte D-TRUST Card 3.1" for a
mere 49 Euro and no specs available.  D-Trust is a branch of the
German Bundesdruckerei.  Compare that to Telesec and Yubikey who have
always been nice enough to send bunches of sample cards without a need
to wade through lots of forms and not even asking for money.  Guess
which cards I prefer.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-03-30 21:19:24 +02:00
Werner Koch
c5c21a0646
agent: Print an error if gpg-protect reads the extended key format.
* agent/protect-tool.c (read_key): Detect simple extended key format.
--

This is a quick hack to get a useful error messages.  The real fix is
to replace the protect tool by a more useful new tool.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-03-30 17:27:42 +02:00
Werner Koch
9c5c7c6f60
sm: Fix possible NULL deref in error messages of --gen-key.
* sm/certreqgen.c: Protect printing the liniernur in case of !R.
--

GnuPG-bug-id: 4895
Signed-off-by: Werner Koch <wk@gnupg.org>
2020-03-30 17:16:30 +02:00
Werner Koch
0b583a555e
sm: Consider certificates w/o CRL DP as valid.
* sm/certchain.c (is_cert_still_valid): Shortcut if tehre is no DP.
* common/audit.c (proc_type_verify): Print "n/a" if a cert has no
distribution point.
* sm/gpgsm.h (opt): Add field enable_issuer_based_crl_check.
* sm/gpgsm.c (oEnableIssuerBasedCRLCheck): New.
(opts): Add option --enable-issuer-based-crl-check.
(main): Set option.
--

If the issuer does not provide a DP and the user wants such an issuer,
we expect that a certificate does not need revocation checks.  The new
option --enable-issuer-based-crl-check can be used to revert to the
old behaviour which requires that a suitable LDAP server has been
configured to lookup a CRL by issuer.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-03-27 21:16:07 +01:00
Werner Koch
4c4999b818
scd:openpgp: Allow PKSIGN with keygrip also for OPENPGP.3.
* scd/app-openpgp.c (check_keyidstr): Add optional arg r_use_auth to
test also for OpenPGP.3.
(do_sign): Enable that new mode.
--

This is very useful to allow gpgsm to use a certificate based on the
OpenPGP card's authentication key.  That key is usually used for ssh
but it makes sense to use it also for user certificate based
authentication.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-03-27 19:37:29 +01:00
NIIBE Yutaka
e06a8e3e87 gpgsm: Fix the previous commit.
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2020-03-27 19:42:14 +09:00
NIIBE Yutaka
49ea53b755 gpgsm: Support key generation with ECC.
* sm/certreqgen.c (pKEYCURVE): New.
(read_parameters): Add pKEYCURVE handling.
(proc_parameters): Support ECC key generation.

GnuPG-bug-id: 4888
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2020-03-26 15:54:14 +09:00
NIIBE Yutaka
238707db8b gpgsm: Remove restriction of key generation (only RSA).
* sm/certreqgen.c (proc_parameters): Remove checking GCRY_PK_RSA.

--

This is an initial change to support ECC key generation.

GnuPG-bug-id: 4888
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2020-03-26 11:30:58 +09:00
Werner Koch
c1844ca752
gpgconf: Take care of --homedir when reading/updating options.
* tools/gpgconf-comp.c (gpg_agent_runtime_change): Remove unused var.
(scdaemon_runtime_change): Ditto.
(dirmngr_runtime_change): Ditto.
(gc_component_check_options): Pass --homedir if needed.
(retrieve_options_from_program): Take care of --homedir.
--

This is related to bug 4882 but different due all the code changes.

GnuPG-bug-id: 4882
Signed-off-by: Werner Koch <wk@gnupg.org>
2020-03-19 12:43:08 +01:00
Werner Koch
4287f89557
gpg: Also allow a v5 fingerprint for --trusted-key.
* g10/trustdb.c (tdb_register_trusted_key): Add case for 32 octet
fingerprints.
--
GnuPG-bug-id: 4855

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-03-18 13:56:43 +01:00
Daniel Kahn Gillmor
810ea2cc68
gpg: Update --trusted-key to accept fingerprint as well as long key id.
* g10/trustdb.c (tdb_register_trusted_key): accept fingerprint as well
as long key ID.
* doc/gpg.texi: document that --trusted-key can accept a fingerprint.
--

GnuPG-bug-id: 4855
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>

Fixed uses or return and kept the old string to avoid breaking
translations.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-03-18 13:50:52 +01:00
Werner Koch
161a098be6
gpg: Fix key expiration and usage for keys created at the Epoch.
* g10/getkey.c (merge_selfsigs_main): Take a zero key creation time in
account.
--

Keys created at the Epoch have a creation time of 0; when figuring out
the latest signature with properties to apply to a key the usual
comparison A > B does not work if A is always 0.  We now special case
this for the expiration and usage data.

Co-authored-by: gniibe@fsij.org
GnuPG-bug-id: 4670
Signed-off-by: Werner Koch <wk@gnupg.org>
2020-03-18 12:30:06 +01:00
Werner Koch
8c0323a758
doc: Remove duplicate description of --include-key-block.
--
2020-03-14 19:34:18 +01:00
Werner Koch
451cd1b392
gpgconf: Further simplify the gpgconf option processing.
* common/gc-opt-flags.h (GC_OPT_FLAG_RUNTIME): Move to ...
* tools/gpgconf-comp.c: here.
(known_options_scdaemon): Remove "options".
(known_options_dirmngr): Remove "options".
(known_options_gpgsm): Remove "options".
(known_options_gpg): Remove "options" and "keyserver".
(struct gc_option_s): Rename active t gpgconf_list.
(gc_component_list_options): Do not act upon active.
(option_check_validity): Ditto.
(is_known_option): Make it work correctly for unknown options.
(retrieve_options_from_program): Use renamed flag gpgconf_list only to
detect duplicated items from --gpgconf-list.  Do not set runtime.
Only e set the options if set by --gpgconf-list; never clear them.
* agent/gpg-agent.c: Simplify the --gpgconf-list output.
* dirmngr/dirmngr.c: Ditto.
* g10/gpg.c: Ditto.
* kbx/keyboxd.c: Ditto.
* scd/scdaemon.c: Ditto.
* sm/gpgsm.c: Ditto.
* tests/openpgp/gpgconf.scm: Use "compliance" instead of "keyserver"
for the string arg test.
--

There is no need to read the list of options from the components
unless they convey a default value.  It is better to consult only the
list we have in gpgconf-comp.c to decide on whether an option should
be displayed.   Right, this might mess up thing if a newer gpgconf
version is used with an older component, but we already print warnings
in this case and in general we do not want to support this anymore -
the times of gpg 1.4. and 2.0 are long over now.

GnuPG-bug-id: 4788
Signed-off-by: Werner Koch <wk@gnupg.org>
2020-03-14 19:12:41 +01:00
Werner Koch
6b306f45f4
gpg: New option --auto-key-import
* g10/gpg.c (opts): New options --auto-key-import,
--no-auto-key-import, and --no-include-key-block.
(gpgconf_list): Add them.
* g10/options.h (opt): Add field flags.auto_key_import.
* g10/mainproc.c (check_sig_and_print): Use flag to enable that
feature.
* tools/gpgconf-comp.c: Give the new options a Basic config level.
--

Note that the --no variants of the options are intended for easy
disabling at the command line.

GnuPG-bug-id: 4856
Signed-off-by: Werner Koch <wk@gnupg.org>
2020-03-14 18:04:47 +01:00
Werner Koch
6a4443c842
gpg: Make use of the included key block in a signature.
* g10/import.c (read_key_from_file): Rename to ...
(read_key_from_file_or_buffer): this and add new parameters.  Adjust
callers.
(import_included_key_block): New.
* g10/packet.h (PKT_signature): Add field flags.key_block.
* g10/parse-packet.c (parse_signature): Set that flags.
* g10/sig-check.c (check_signature2): Add parm forced_pk and change
all callers.
* g10/mainproc.c (do_check_sig): Ditto.
(check_sig_and_print): Try the included key block if no key is
available.
--

This is is the second part to support the new Key Block subpacket.
The idea is that after having received a signed mail, it is instantly
possible to reply encrypted - without the need for any centralized
infrastructure.

There is one case where this does not work: A signed mail is received
using a specified signer ID (e.g. using gpg --sender option) and the
key block with only that user ID is thus imported.  The next time a
mail is received using the same key but with a different user ID; the
signatures checks out using the key imported the last time.  However,
the new user id is not imported.  Now when trying to reply to that
last mail, no key will be found.  We need to see whether we can update
a key in such a case.

GnuPG-bug-id: 4856
Signed-off-by: Werner Koch <wk@gnupg.org>
2020-03-13 17:14:34 +01:00
Werner Koch
865d485180
gpg: New option --include-key-block.
* common/openpgpdefs.h (SIGSUBPKT_KEY_BLOCK): New.
* g10/gpg.c (oIncludeKeyBlock): New.
(opts): New option --include-key-block.
(main): Implement.
* g10/options.h (opt): New flag include_key_block.
* g10/parse-packet.c (dump_sig_subpkt): Support SIGSUBPKT_KEY_BLOCK.
(parse_one_sig_subpkt): Ditto.
(can_handle_critical): Ditto.
* g10/sign.c (mk_sig_subpkt_key_block): New.
(write_signature_packets): Call it for data signatures.
--

This patch adds support for a to be proposed OpenPGP ferature:

  Introduce the Key Block subpacket to align OpenPGP with CMS.

  This new subpacket may be used similar to the CertificateSet of
  CMS (RFC-5652) and thus allows to start encrypted communication
  after having received a signed message.  In practice a stripped down
  version of the key should be including having only the key material
  and the self-signatures which are really useful and shall be used by
  the recipient to reply encrypted.

  #### Key Block

  (1 octet with value 0, N octets of key data)

  This subpacket MAY be used to convey key data along with a signature
  of class 0x00, 0x01, or 0x02.  It MUST contain the key used to create
  the signature; either as the primary key or as a subkey.  The key
  SHOULD contain a primary or subkey capable of encryption and the
  entire key must be a valid OpenPGP key including at least one User ID
  packet and the corresponding self-signatures.

  Implementations MUST ignore this subpacket if the first octet does not
  have a value of zero or if the key data does not represent a valid
  transferable public key.

GnuPG-bug-id: 4856
Signed-off-by: Werner Koch <wk@gnupg.org>
2020-03-13 13:34:49 +01:00
Werner Koch
32493ce50a
gpg: Add property "fpr" for use by --export-filter.
* g10/export.c (push_export_filters): New.
(pop_export_filters): New.
(export_pubkey_buffer): Add args prefix and prefixlen.  Adjust
callers.
* g10/import.c (impex_filter_getval): Add property "fpr".
* g10/main.h (struct impex_filter_parm_s): Add field hexfpr.
--

The push and pop feature will help us to use the export filter
internally in gpg.  Same for the export_pubkey_buffer change.

GnuPG-bug-id: 4856
Signed-off-by: Werner Koch <wk@gnupg.org>
2020-03-13 13:19:31 +01:00
Werner Koch
90fb4a69d2
doc: Add a comment to explain the signature postscript.
--

Hal Finney explained this on January 22, 2004 on a question from Peter
Gutmann on the WG list.
2020-03-12 11:05:37 +01:00
Werner Koch
b4f1159a5b
gpgconf: Rewrite the gpgconf-comp module.
* tools/gpgconf.h (gc_component_t): Change type to ...
(gc_component_id_t): this.
(GC_COMPONENT_ANY): New, so that we can use that in gpgconf-comp.c
directly.
* tools/gpgconf-comp.c: Major rework.
--

The primary reason for this rework is to support the global options.
A second reason is to clean up the code and simplify it so that we do
not anymore need to maintain a list of options in the components _and_
in gpgconf-comp.c.

What we do now is to

 1. Read the option tables directly from the components using
    the new generic --dump-option-table option.  This includes
    the header (group) descriptions.

 2. Read the default values from the components as before using
    --gpgconf-list and update gpgconf's internal tables with
    that info.

 3. Read the options using gpgrt_argparser in the same way as we do
    this in the components.

The changes also do away with the second level notion of backends;
they were only used for dirmngr's extra dirmngr_ldapservers.conf file.
We intend to remove that file and replace it with a regular option so
that it will be similar on how OpenPGP keyservers are specified.

The whole thing will currently be slower than before (in particular on
Windows) but we can optimize that by keeping a cached version of the
option tables and the default values in a per homedir cache file.

There is also some work planned to remove most of the data returned by
--gpgconf-list.  What can also be done is to replace the internal
tables, which list the gpgconf maintainable options, by a configuration
file so that admins are able to maintain the list of these options.

GnuPG-bug-id: 4788
Signed-off-by: Werner Koch <wk@gnupg.org>
2020-03-12 10:16:56 +01:00